Platform: nodejs
Component: huly-platform
Fixed in: 0.7.383
A server-side request forgery (SSRF) vulnerability has been identified in Huly Platform versions 0.7.382 through 0.7.382. This flaw allows attackers to manipulate the application into making requests to unintended internal or external resources, potentially exposing sensitive data or enabling further attacks. The vulnerability resides in the Import Endpoint component, specifically in the file server/front/src/index.ts. A public exploit is available, indicating a heightened risk of exploitation.
The SSRF vulnerability in Huly Platform allows an attacker to craft malicious requests that the server will execute on behalf of the attacker. This can lead to several consequences. An attacker could potentially access internal services that are not directly exposed to the internet, such as databases, configuration files, or administrative interfaces. They might also be able to scan internal networks for other vulnerable systems, facilitating lateral movement. The ability to make arbitrary requests also opens the door to data exfiltration and denial-of-service attacks against internal resources. The presence of a public exploit significantly increases the likelihood of exploitation and the potential for widespread impact.
This vulnerability is considered actively exploitable due to the availability of a public proof-of-concept. The vulnerability was disclosed on 2026-04-06. The vendor was contacted but did not respond. The exploit's public availability suggests a medium probability of exploitation (EPSS score likely medium). Monitor security advisories and threat intelligence feeds for any indications of active campaigns targeting Huly Platform.
Organizations deploying Huly Platform in environments with sensitive internal resources are at significant risk. Specifically, deployments where the platform interacts with internal APIs or databases without proper network segmentation are particularly vulnerable. Shared hosting environments where multiple users share the same Huly Platform instance should also be considered high-risk.
• nodejs: Monitor process execution for unusual outbound network connections originating from the Huly Platform process. Use lsof or netstat to identify connections to unexpected internal or external hosts (the -a flag makes lsof AND the two filters together; substitute the actual process name if the service runs as a plain node process).
    lsof -a -i -p $(pidof huly-platform)
• nodejs: Examine application logs for suspicious HTTP requests or error messages related to URL parsing or redirection. Look for patterns indicative of SSRF attempts.
    grep -i 'url:' /var/log/huly-platform/access.log
• generic web: Use curl to test for SSRF by attempting to access internal resources through the vulnerable endpoint.
    curl -v http://<huly_platform_ip>/import?url=http://169.254.169.254/metadata/instance-id
Disclosure:
Exploit Status:
EPSS: 0.03% (11th percentile)
CISA SSVC:
CVSS vector:
The primary mitigation for CVE-2026-5623 is to upgrade to a patched version of Huly Platform as soon as it becomes available. Since no fixed version is currently specified, closely monitor the vendor's website and security advisories for updates. As a temporary workaround, implement strict input validation on any user-supplied URLs or hostnames used in requests made by the Import Endpoint. Consider deploying a Web Application Firewall (WAF) with rules to block suspicious outbound requests based on URL patterns or destination IP addresses. Restrict network access to the Huly Platform server to only necessary ports and services.
Update the Huly platform to a patched version. Review the source code in `src/index.ts` to identify and mitigate the server-side request forgery vulnerability. Implement robust input validation to prevent URL manipulation.
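As an added example of the strict URL validation recommended above (written here for this advisory, not Huly's own code or its fix), the following Node.js/TypeScript helper rejects import URLs whose scheme, credentials or destination address should never be fetched server-side; the function names and the block list are assumptions.

```typescript
// Added example, not Huly's code: validate a user-supplied import URL before
// the server fetches it. Names (validateImportUrl, isBlockedAddress) are assumed.
import { isIPv4, isIPv6 } from "node:net";

// Constructed block list: ranges an import endpoint should never fetch from
// (unspecified, private, CGNAT, loopback, link-local/metadata, multicast/reserved).
const BLOCKED_V4: Array<[string, number]> = [
  ["0.0.0.0", 8], ["10.0.0.0", 8], ["100.64.0.0", 10], ["127.0.0.0", 8],
  ["169.254.0.0", 16], ["172.16.0.0", 12], ["192.168.0.0", 16], ["224.0.0.0", 3],
];

function v4ToInt(ip: string): number {
  return ip.split(".").reduce((acc, o) => acc * 256 + Number(o), 0) >>> 0;
}

function isBlockedV4(n: number): boolean {
  return BLOCKED_V4.some(([base, bits]) => n >>> (32 - bits) === v4ToInt(base) >>> (32 - bits));
}

// IPv4-mapped IPv6 (::ffff:a.b.c.d or ::ffff:xxxx:xxxx) -> 32-bit IPv4, else null.
function mappedV4(v6: string): number | null {
  if (!v6.startsWith("::ffff:")) return null;
  const rest = v6.slice(7);
  if (isIPv4(rest)) return v4ToInt(rest);
  const m = rest.match(/^([0-9a-f]{1,4}):([0-9a-f]{1,4})$/);
  return m ? ((parseInt(m[1], 16) << 16) | parseInt(m[2], 16)) >>> 0 : null;
}

// True when an address literal (v4 or v6, without brackets) must not be contacted.
export function isBlockedAddress(ip: string): boolean {
  if (isIPv4(ip)) return isBlockedV4(v4ToInt(ip));
  const v6 = ip.toLowerCase();
  const mapped = mappedV4(v6);
  if (mapped !== null) return isBlockedV4(mapped);
  // ::, ::1, unique-local fc00::/7, link-local fe80::/10
  return v6 === "::" || v6 === "::1" || /^f[cd]/.test(v6) || /^fe[89ab]/.test(v6);
}

export function validateImportUrl(raw: string): { ok: boolean; reason: string } {
  let url: URL;
  try { url = new URL(raw); } catch { return { ok: false, reason: "unparseable URL" }; }
  if (url.protocol !== "http:" && url.protocol !== "https:") return { ok: false, reason: "scheme not allowed" };
  if (url.username || url.password) return { ok: false, reason: "credentials in URL" };
  // WHATWG parsing already canonicalises forms such as 0x7f000001 or 2130706433 to 127.0.0.1.
  const host = url.hostname.replace(/^\[|\]$/g, "");
  if (host === "localhost" || host.endsWith(".localhost")) return { ok: false, reason: "loopback name" };
  if ((isIPv4(host) || isIPv6(host)) && isBlockedAddress(host)) return { ok: false, reason: `blocked address ${host}` };
  return { ok: true, reason: "" };
}
```

Hostnames that are not address literals still have to be resolved (for example with dns.promises.lookup and all: true), every returned address checked with isBlockedAddress, and the connection pinned to the checked address, otherwise a later DNS answer can still steer the fetch into a blocked range.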
CVE-2026-5623 is a server-side request forgery vulnerability affecting Huly Platform versions 0.7.382-0.7.382, allowing attackers to make requests on behalf of the server.
If you are using Huly Platform version 0.7.382, you are potentially affected by this SSRF vulnerability. Monitor for vendor updates.
The recommended fix is to upgrade to a patched version of Huly Platform. Monitor the vendor's website for updates and implement input validation as a temporary workaround.
Yes, a public exploit exists, indicating a high probability of active exploitation. Monitor your systems and implement mitigations immediately.
Check the Huly Platform website and security advisories for the latest information regarding CVE-2026-5623.